El Carro is a new tool that allows users to keep full control of their database environment (root on a machine, sysdba in Oracle), while helping users automate several aspects of managing their database services.
El Carro helps you with the deployment and management of a database software (like Oracle database) on Kubernetes. You must have appropriate licensing rights to that database software to allow you to use it with El Carro (BYOL).
This quickstart aims to help get your licensed Oracle 19c EE database up and running on Kubernetes. This guide is only intended for users that have a valid license for Oracle 19c EE. If you do not have a license, you should use Oracle 18c XE which is free to use by following the quickstart guide for Oracle 18c XE instead. If instead, you have a license for Oracle 12c EE, check out the quickstart guide for Oracle 12c EE
The following variables will be used in this quickstart:
export DBNAME=<Must consist of only uppercase letters, and digits. For example: MYDB>
export PROJECT_ID=<your GCP project id>
export SERVICE_ACCOUNT_ID=<The ID for the service account to be used by El Carro>
export SERVICE_ACCOUNT=<fully qualified name of the compute service account to be used by El Carro (i.e. SERVICE_ACCOUNT_ID@PROJECT_ID.iam.gserviceaccount.com)>
export PATH_TO_EL_CARRO_RELEASE=<the complete path to the downloaded release directory>
export GCS_BUCKET=<your globally unique Google Cloud Storage bucket name>
export ZONE=<for example: us-central1-a>
export CLUSTER_NAME=<for example: cluster1>
You should set these variables in your environment.
Download El Carro software to your workstation as follows:
-
Option 1: You can download it from El Carro GitHub repo. Choose one of the release versions, preferably the latest release. The release artifacts exist as release-artifacts.tar.gz.
-
Option 2: You can choose one of the release versions, preferably the latest release, from this GCS bucket using gsutil.
gsutil -m cp -r gs://elcarro/latest $PATH_TO_EL_CARRO_RELEASE
Create a new GCP project or reuse an existing one to install El Carro. GCP provides free tier products. So if you are not already a GCP user, you can sign up for a free trial. :)
gcloud projects create $PROJECT_ID [--folder [...]]
Set gcloud config project to $PROJECT_ID sh gcloud config set project $PROJECT_ID
Check gcloud config project sh gcloud config get-value project
Create a new service account or reuse an existing one in your GCP project to install El Carro. Check out Creating and Managing Service Accounts if you need help creating or locating an existing service account.
To get El Carro up and running, you need to do one of the following:
Express install
Download required Oracle Database 19c software and upload the files to your $GCS_BUCKET
- Oracle Database 19c (19.3.0.0.0) for Linux x86-64 (Enterprise Edition), which can be downloaded from the Oracle eDelivery Cloud.
- A recent PSU. The April 2021 PSU can be downloaded here.
- Latest available OPatch that can be downloaded from
here. We recommend
choosing the following download parameters:
- Release: OPatch 20.0.0.0.0
- Platform: Linux x86_64
Run the express install script:
$PATH_TO_EL_CARRO_RELEASE/deploy/install.sh --db_version 19.3 --gcs_oracle_binaries_path $GCS_BUCKET --service_account $SERVICE_ACCOUNT
Optionally set CDB name, GKE cluster name, GKE zone
$PATH_TO_EL_CARRO_RELEASE/deploy/install.sh --db_version 19.3 --gcs_oracle_binaries_path $GCS_BUCKET --service_account $SERVICE_ACCOUNT --cdb_name $DBNAME --cluster_name $CLUSTER_NAME --gke_zone $ZONE
OR
Perform the manual installation steps:
- Check downloaded El Carro software
- Create a containerized database image
- Provision a kubernetes cluster. We recommend a cluster running Kubernetes/GKE version 1.17 or above.
- Deploy the El Carro Operator to your Kubernetes cluster
- Create an Instance (CDB) and Database (PDB) via the El Carro Operator
El Carro software was downloaded to $PATH_TO_EL_CARRO_RELEASE, artifacts:
- The
operator.yaml
is a collection of manifests that is used to deploy the El Carro Operator: - The
ui.yaml
is a collection of manifests that is used to deploy the El Carro UI. - The
dbimage
directory contains a set of files for building a containerized database image described in the next section. - The
samples
directory contains the manifests for creating Custom Resources (CRs) mentioned in this user guide. - The
workflows
directory is similar to samples, but the manifests there are the DRY templates that can be hydrated with kpt to create/manage the same Custom Resources (CRs).
We recommend starting with the samples first, but as you become more familiar with El Carro, consider the more advanced use of declarative workflows that can be achieved with the parameterized templates in the workflows directory.
The db_monitor.yaml
and setup_monitoring.sh
files are useful to deploy the
El Carro monitoring and viewing metrics.
There are 4 options to procure a 19c EE database image:
- Option 1: Using Google Cloud Build to create a containerized Oracle database image via El Carro image build scripts
- Option 2: Building a containerized Oracle database image locally using Docker via El Carro image build scripts
- Option 3: Downloading database installation files and create your database image using scripts supplied by Oracle
- Option 4: Downloading a pre-built image from Oracle Container Registry
Each of these options is described in more details below.
Currently, only options 1 and 2 allow you to build a seeded image. Seeded images come with a pre-created CDB. This can drastically cut down provisioning time since El Carro will not need to create a CDB, which can be time consuming. Additionally, only options 1 and 2 allow you to patch your database software during image build, ensuring you are running the latest and greatest software.
If you choose to follow option 1 or 2 you will need to download three pieces of software from Oracle's website:
- Oracle Database 19c (19.3.0.0.0) for Linux x86-64 (Enterprise Edition), which can be downloaded from the Oracle eDelivery Cloud.
- A recent PSU. The April 2021 PSU can be downloaded here.
- Latest available OPatch that can be downloaded from
here. We recommend
choosing the following download parameters:
- Release: OPatch 20.0.0.0.0
- Platform: Linux x86_64
-
Create a new GCP project or reuse an existing one with the following settings:
gcloud projects create $PROJECT_ID [--folder [...]] gcloud services enable container.googleapis.com anthos.googleapis.com cloudbuild.googleapis.com artifactregistry.googleapis.com --project $PROJECT_ID
Though the default compute service account can be used with El Carro, we recommend creating a dedicated one as follows:
gcloud iam service-accounts create $SERVICE_ACCOUNT_ID --project $PROJECT_ID export PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format="value(projectNumber)") gcloud projects add-iam-policy-binding $PROJECT_ID --member=serviceAccount:service-${PROJECT_NUMBER}@containerregistry.iam.gserviceaccount.com --role=roles/containerregistry.ServiceAgent
-
Transfer the Oracle binaries you downloaded earlier to a GCS bucket. If needed, a new GCS bucket can be created as follows:
gsutil mb gs://$GCS_BUCKET gsutil cp ~/Downloads/LINUX.X64_193000_db_home.zip gs://$GCS_BUCKET/install/ gsutil cp ~/Downloads/p6880880_200000_Linux-x86-64.zip gs://$GCS_BUCKET/install/ gsutil cp ~/Downloads/p32545013_190000_Linux-x86-64.zip gs://$GCS_BUCKET/install/
Once the bucket is ready, grant the IAM read privilege (roles/storage.objectViewer) to the Google Cloud Build service account. Use your project name as a PROJECT_ID and your globally unique GCS bucket name in the snippet below:
export PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format="value(projectNumber)") gsutil iam ch serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com:roles/storage.objectViewer gs://$GCS_BUCKET
-
Trigger the Google Cloud Build pipeline
You have the choice of creating a container image with just the Oracle RDBMS software in it or, optionally, create a seed database (CDB) at the same time and host it in the same container image. Seeded images are larger in size but may save you time during provisioning. For a quick start, we suggest you create a seeded container image.
- To create a seeded image, run the following:
cd $PATH_TO_EL_CARRO_RELEASE/dbimage chmod +x ./image_build.sh ./image_build.sh --install_path=gs://$GCS_BUCKET/install --db_version=19.3 --PATCH_VERSION=32545013 --create_cdb=true --cdb_name=$DBNAME --mem_pct=45 --no_dry_run --project_id=$PROJECT_ID Executing the following command: [...]
If AccessDeniedException is raised against the above command, it's likely because the previous
gsutil iam ch
command didn’t succeed. We suggest you rerun thegsutil
command and ensure that the Cloud build service account has the read privilege on the GCS bucket that contains the Oracle software.- To create an unseeded image (one without a CDB), run the same steps as
for the seeded case but set the
--create_cdb
flag tofalse
and omit the--cdb_name
parameter.
cd $PATH_TO_EL_CARRO_RELEASE/dbimage chmod +x ./image_build.sh ./image_build.sh --install_path=gs://$GCS_BUCKET/install --db_version=19.3 --PATCH_VERSION=32545013 --create_cdb=false --mem_pct=45 --no_dry_run --project_id=$PROJECT_ID Executing the following command: [...]
-
Verify that your containerized database image was successfully created.
Depending on the options you choose when you run the image creation script, creating a containerized image may take ~40+ minutes. To verify the image that was created, run:
gcloud container images list --project $PROJECT_ID --repository gcr.io/$PROJECT_ID/oracle-database-images NAME gcr.io/$PROJECT_ID/oracle-database-images/oracle-19.3-ee-seeded-$DBNAME gcloud container images describe gcr.io/$PROJECT_ID/oracle-database-images/oracle-19.3-ee-seeded-$DBNAME image_summary: digest: sha256:c18d81c3cf6e7f93c25f0e16a91580316858adb67e7ed13ea79bc98e731a4eac fully_qualified_digest: gcr.io/$PROJECT_ID/oracle-database-images/oracle-19.3-ee-database-$DBNAME@sha256:c18d81c3cf6e7f93c25f0e16a91580316858adb67e7ed13ea79bc98e731a4eac registry: gcr.io repository: $PROJECT_ID/oracle-database-images/oracle-19.3-ee-database-$DBNAME
If you're not able or prefer not to use Google cloud build to create a containerized database image, you can build an image locally using Docker. You need to push your locally built image to a registry that your Kubernetes cluster can pull images from. You must have Docker installed before proceeding with a local containerized database image build.
Note that in the current release, local build only works with Linux systems. Additional support for other operating systems like Windows, Mac OS, etc. will be added in future releases.
-
Copy the Oracle binaries you downloaded earlier to
PATH_TO_EL_CARRO_RELEASE/dbimage
Your $PATH_TO_EL_CARRO_RELEASE directory should look something like.
ls -1X Dockerfile README.md image_build.sh install-oracle-18c-xe.sh install-oracle.sh ora12-config.sh ora19-config.sh cloudbuild.yaml p32545013_190000_Linux-x86-64.zip p6880880_200000_Linux-x86-64.zip LINUX.X64_193000_db_home.zip
-
Trigger the image creation script
You have the choice of creating a container image with just the Oracle RDBMS software in it or, optionally, create a seed database (CDB) at the same time and host it in the same container image. Seeded images are larger in size but may save you time during provisioning. For a quick start, we suggest you create a seeded container image.
- To create a seeded image, run the following:
cd $PATH_TO_EL_CARRO_RELEASE/dbimage chmod +x ./image_build.sh ./image_build.sh --local_build=true --db_version=19.3 --patch_version=32545013 --create_cdb=true --cdb_name=$DBNAME --mem_pct=45 --no_dry_run --project_id=local-build Executing the following command: [...]
- To create an unseeded image (one without a CDB), run the same steps as
for the seeded case but set the
--create_cdb
flag tofalse
and omit the--cdb_name
parameter.
cd $PATH_TO_EL_CARRO_RELEASE/dbimage chmod +x ./image_build.sh ./image_build.sh --local_build=true --db_version=19.3 --patch_version=32545013 --create_cdb=false --mem_pct=45 --no_dry_run --project_id=local-build Executing the following command: [...]
-
Verify that your containerized database image was successfully created
Depending on the options you choose when you run the image creation script, creating a containerized image may take ~40+ minutes. To verify that your image was successfully created, run the following command:
docker images REPOSITORY TAG IMAGE ID CREATED SIZE gcr.io/local-build/oracle-database-images/oracle-19.3-ee-seeded-$DBNAME latest c18d81c3cf6e 3 hours ago 13.5GB
-
Re-tag your locally built image if necessary using the docker tag command and push it to a registry that your Kubernetes cluster can pull images from using the docker push command.
-
Follow instructions posted on Oracle's GitHub repo
-
Re-tag your locally built image if necessary using the docker tag command and push it to a registry that your Kubernetes cluster can pull images from using the docker push command.
Note that any image built using Oracle's scripts will be unseeded, meaning it won't contain a CDB. As such, El Carro will automatically create a CDB during instance provisioning.
The tag for the OCR Oracle 19c image that was tested with El Carro is container-registry.oracle.com/database/enterprise:19.3.0.0
You have two choices here: you can either configure your kubernetes cluster to automatically pull the Oracle 19c image directly from the OCR or you can manually pull the image using Docker, re-tag it if necessary, and push it to a registry your kubernetes cluster can access.
To configure your kubernetes cluster to access the Oracle Container Registry, check out this guide.
To manually pull the image from the OCR and avoid configuring Kubernetes to pull from OCR, follow the instructions below:
-
For Oracle 19c, you should pull the image using docker pull container-registry.oracle.com/database/enterprise:19.3.0.0
-
Re-tag the pulled image if necessary using the docker tag command and push it to a registry that your Kubernetes cluster can pull images from using the docker push command.
Note that the image supplied by OCR is unseeded, meaning it doesn't contain a CDB. As such, El Carro will automatically create a CDB during instance provisioning.
To provision a Kubernetes cluster on Google Kubernetes Engine (GKE), run the following command:
gcloud container clusters create $CLUSTER_NAME --release-channel rapid --machine-type=n1-standard-4 --num-nodes 2 --zone $ZONE --project $PROJECT_ID --scopes gke-default,compute-rw,cloud-platform,https://www.googleapis.com/auth/dataaccessauditlogging --service-account $SERVICE_ACCOUNT
To get the cluster ready for El Carro, create a k8s storage class and a volume snapshot class as follows:
kubectl create -f $PATH_TO_EL_CARRO_RELEASE/deploy/csi/gce_pd_storage_class.yaml
kubectl create -f $PATH_TO_EL_CARRO_RELEASE/deploy/csi/gce_pd_volume_snapshot_class.yaml
Verify that both resources have been created properly by running:
kubectl get storageclasses
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
csi-gce-pd pd.csi.storage.gke.io Delete WaitForFirstConsumer false 30d
standard (default) kubernetes.io/gce-pd Delete Immediate true 30d
kubectl get volumesnapshotclass
NAME AGE
csi-gce-pd-snapshot-class 78s
You can use kubectl
to deploy the El Carro Operator to your cluster by
running:
kubectl apply -f $PATH_TO_EL_CARRO_RELEASE/operator.yaml
namespace/operator-system created
[...]
To create an instance:
-
Create a namespace to host your instance by running:
kubectl create namespace db
-
Modify $PATH_TO_EL_CARRO_RELEASE/samples/v1alpha1_instance_19c_EE.yaml to include the link to the database service image you built earlier.
-
Apply the modified yaml file by running:
kubectl apply -f $PATH_TO_EL_CARRO_RELEASE/samples/v1alpha1_instance_19c_EE.yaml -n db
Monitor creation of your instance by running:
kubectl get -w instances.oracle.db.anthosapis.com -n db
NAME DB ENGINE VERSION EDITION ENDPOINT URL DB NAMES BACKUP ID READYSTATUS READYREASON DBREADYSTATUS DBREADYREASON
mydb Oracle 19.3 Enterprise mydb-svc.db 34.131.42.32:6021 False CreateInProgress
Once your instance is ready, the READYSTATUS and DBREADYSTATUS will both flip to TRUE.
Tip: You can monitor the logs from the El Carro operator by running:
kubectl logs -l control-plane=controller-manager -n operator-system -c manager -f
To store and query data, create a PDB and attach it to the instance you created in the previous step by running:
kubectl apply -f $PATH_TO_EL_CARRO_RELEASE/samples/v1alpha1_database_pdb1.yaml -n db
Monitor creation of your PDB by running:
kubectl get -w databases.oracle.db.anthosapis.com -n db
NAME INSTANCE USERS PHASE DATABASEREADYSTATUS DATABASEREADYREASON USERREADYSTATUS USERREADYREASON
pdb1 mydb ["superuser","scott","proberuser"] Ready True CreateComplete True SyncComplete
Once your PDB is ready, the DATABASEREADYSTATUS and USERREADYSTATUS will both flip to TRUE.
You can access your PDB externally by using sqlplus:
sqlplus scott/tiger@$INSTANCE_URL/pdb1.gke
Replace $INSTANCE_URL with the URL that was assigned to your instance.